<?php
session_start();
require_once 'config.php';
require_once 'functions.php';

// 只接受POST请求
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['success' => false, 'message' => '方法不允许']);
    exit;
}

// 检查IP是否被封禁
$user_ip = get_user_ip();
if (is_ip_banned($user_ip)) {
    echo json_encode(['success' => false, 'message' => '你的IP已被封禁，无法进行此操作']);
    exit;
}

// 获取操作类型
$action = $_POST['action'] ?? '';

switch ($action) {
    case 'like':
        handleLike();
        break;
    case 'unlike':
        handleUnlike();
        break;
    case 'comment':
        handleComment();
        break;
    default:
        echo json_encode(['success' => false, 'message' => '无效的操作']);
        break;
}

// 处理点赞
function handleLike() {
    global $pdo, $user_ip;
    
    $type = $_POST['type'] ?? '';
    $id = $_POST['id'] ?? 0;
    
    // 验证参数
    if (!in_array($type, ['confession', 'daily']) || !is_numeric($id)) {
        echo json_encode(['success' => false, 'message' => '参数错误']);
        return;
    }
    
    $id = (int)$id;
    
    // 检查目标是否存在
    $table = $type . 's';
    $stmt = $pdo->prepare("SELECT id FROM $table WHERE id = ?");
    $stmt->execute([$id]);
    if ($stmt->rowCount() == 0) {
        echo json_encode(['success' => false, 'message' => '内容不存在']);
        return;
    }
    
    // 检查是否已经点赞
    if (has_liked($type, $id, $user_ip)) {
        echo json_encode(['success' => false, 'message' => '已经点赞过了']);
        return;
    }
    
    // 添加点赞
    try {
        $stmt = $pdo->prepare("INSERT INTO likes (type, target_id, ip_address) VALUES (?, ?, ?)");
        $stmt->execute([$type, $id, $user_ip]);
        echo json_encode(['success' => true, 'message' => '点赞成功']);
    } catch (PDOException $e) {
        echo json_encode(['success' => false, 'message' => '点赞失败，请重试']);
    }
}

// 处理取消点赞
function handleUnlike() {
    global $pdo, $user_ip;
    
    $type = $_POST['type'] ?? '';
    $id = $_POST['id'] ?? 0;
    
    // 验证参数
    if (!in_array($type, ['confession', 'daily']) || !is_numeric($id)) {
        echo json_encode(['success' => false, 'message' => '参数错误']);
        return;
    }
    
    $id = (int)$id;
    
    // 检查是否已经点赞
    if (!has_liked($type, $id, $user_ip)) {
        echo json_encode(['success' => false, 'message' => '还没有点赞']);
        return;
    }
    
    // 取消点赞
    try {
        $stmt = $pdo->prepare("DELETE FROM likes WHERE type = ? AND target_id = ? AND ip_address = ?");
        $stmt->execute([$type, $id, $user_ip]);
        echo json_encode(['success' => true, 'message' => '取消点赞成功']);
    } catch (PDOException $e) {
        echo json_encode(['success' => false, 'message' => '取消点赞失败，请重试']);
    }
}

// 处理评论
function handleComment() {
    global $pdo, $user_ip;
    
    $type = $_POST['type'] ?? '';
    $id = $_POST['id'] ?? 0;
    $content = trim($_POST['content'] ?? '');
    
    // 验证参数
    if (!in_array($type, ['confession', 'daily']) || !is_numeric($id) || empty($content)) {
        echo json_encode(['success' => false, 'message' => '参数错误或内容为空']);
        return;
    }
    
    $id = (int)$id;
    
    // 检查内容是否包含违禁词
    if (has_prohibited_words($content)) {
        echo json_encode(['success' => false, 'message' => '评论包含违禁词，请修改后重新提交']);
        return;
    }
    
    // 检查目标是否存在
    $table = $type . 's';
    $stmt = $pdo->prepare("SELECT id FROM $table WHERE id = ?");
    $stmt->execute([$id]);
    if ($stmt->rowCount() == 0) {
        echo json_encode(['success' => false, 'message' => '内容不存在']);
        return;
    }
    
    // 添加评论
    try {
        $stmt = $pdo->prepare("INSERT INTO comments (type, target_id, content, ip_address) VALUES (?, ?, ?, ?)");
        $stmt->execute([$type, $id, $content, $user_ip]);
        echo json_encode(['success' => true, 'message' => '评论成功']);
    } catch (PDOException $e) {
        echo json_encode(['success' => false, 'message' => '评论失败，请重试']);
    }
}
?>
